Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/7bc3ab-d9b6-4ae4-bcd1-ce57150695a9/1/IkM0uKLAdcEk2oDbxjxjs2E87K0.roa
File: IkM0uKLAdcEk2oDbxjxjs2E87K0.roa (raw, json)
Hash identifier: xmHDyUUE8cQy2CmvTRVsYR2m16ZDsWPL29YYWI25jBE=
Subject key identifier: 22:43:34:B8:A2:C0:75:C1:24:DA:80:DB:C6:3C:63:B3:61:3C:EC:AD
Certificate issuer: /CN=ec4fb061a9426e4fb2885d822867572a1b58a4c0
Certificate serial: 0194258F95167EE80212D5C7A441C330381B
Authority key identifier: EC:4F:B0:61:A9:42:6E:4F:B2:88:5D:82:28:67:57:2A:1B:58:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7E-wYalCbk-yiF2CKGdXKhtYpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/7bc3ab-d9b6-4ae4-bcd1-ce57150695a9/1/IkM0uKLAdcEk2oDbxjxjs2E87K0.roa
Signing time: Thu 02 Jan 2025 05:49:14 +0000
ROA not before: Thu 02 Jan 2025 05:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62068
IP address blocks: 5.182.208.0/22 maxlen: 24
45.14.224.0/22 maxlen: 24
45.87.41.0/24 maxlen: 24
45.87.42.0/23 maxlen: 24
62.68.71.0/24 maxlen: 24
91.226.227.0/24 maxlen: 24
91.230.49.0/24 maxlen: 24
146.19.248.0/24 maxlen: 24
185.224.128.0/22 maxlen: 24
185.244.36.0/22 maxlen: 24
2a0d:2400::/29 maxlen: 39
2a0d:2780::/29 maxlen: 32
2a0e:16c0::/29 maxlen: 29
2a0e:1740::/29 maxlen: 29
2a0e:2000::/29 maxlen: 29
2a11:b240::/29 maxlen: 32
2a12:a8c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 14 Mar 2025 13:46:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:95:16:7e:e8:02:12:d5:c7:a4:41:c3:30:38:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec4fb061a9426e4fb2885d822867572a1b58a4c0
Validity
Not Before: Jan 2 05:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=224334b8a2c075c124da80dbc63c63b3613cecad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:5a:3d:9c:cd:38:6f:70:64:e2:65:a9:6e:63:
3a:fe:65:60:49:75:1e:47:d9:4f:54:f1:d7:3d:93:
7d:e4:f5:c5:cd:01:d8:3b:b7:4f:73:c1:d4:6e:cf:
f8:e7:fe:41:20:b0:09:98:98:2e:b6:eb:16:ee:e6:
22:2c:5a:c5:60:e9:a2:bd:05:94:fe:05:42:13:94:
31:05:16:8e:7b:60:10:f6:15:70:66:44:c3:a1:ad:
5b:5e:cc:85:2e:d4:1a:ef:4b:27:df:fe:29:8d:2f:
b1:10:d3:3f:9e:f2:07:15:a3:a0:18:90:68:75:fb:
28:b7:ed:08:44:0f:a7:9c:18:b5:34:b4:fd:a6:7f:
e0:2f:4e:c9:f1:e5:7d:89:54:63:6f:33:d9:1a:14:
85:6f:c9:83:fb:26:04:52:71:d4:81:5c:6d:7e:0e:
38:4d:6e:38:a6:f2:53:80:8d:86:67:e9:d0:7c:a2:
e8:c7:0f:ef:2f:80:23:79:6d:f9:ff:a6:fd:ff:6d:
50:aa:9c:63:c9:19:40:e1:69:6d:9e:1c:2c:cb:9f:
c5:50:a5:af:8f:b4:dc:a7:5f:65:ea:cf:36:6e:72:
4e:cd:1f:ea:f2:7b:c7:79:e2:13:27:e5:83:3e:15:
4f:4b:a4:fd:b8:18:6c:ac:1b:80:ae:8c:85:10:3a:
7e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:43:34:B8:A2:C0:75:C1:24:DA:80:DB:C6:3C:63:B3:61:3C:EC:AD
X509v3 Authority Key Identifier:
keyid:EC:4F:B0:61:A9:42:6E:4F:B2:88:5D:82:28:67:57:2A:1B:58:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7E-wYalCbk-yiF2CKGdXKhtYpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7bc3ab-d9b6-4ae4-bcd1-ce57150695a9/1/IkM0uKLAdcEk2oDbxjxjs2E87K0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7bc3ab-d9b6-4ae4-bcd1-ce57150695a9/1/7E-wYalCbk-yiF2CKGdXKhtYpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.208.0/22
45.14.224.0/22
45.87.41.0-45.87.43.255
62.68.71.0/24
91.226.227.0/24
91.230.49.0/24
146.19.248.0/24
185.224.128.0/22
185.244.36.0/22
IPv6:
2a0d:2400::/29
2a0d:2780::/29
2a0e:16c0::/29
2a0e:1740::/29
2a0e:2000::/29
2a11:b240::/29
2a12:a8c0::/29
Signature Algorithm: sha256WithRSAEncryption
6e:11:1c:4a:c0:af:15:fb:44:26:49:d5:85:a4:42:70:38:2f:
cb:63:11:3f:2a:77:b1:c9:b8:c8:6a:e8:a7:84:fc:45:db:f5:
b2:5f:f7:f8:c1:08:3e:fd:88:4a:c4:64:22:f1:ce:60:bd:17:
2b:22:89:bb:c3:51:55:c6:b6:d0:db:3d:e1:80:58:2a:e4:4a:
29:e1:0c:f1:9e:bc:3a:81:e3:39:75:d8:80:17:ec:4f:73:82:
20:2e:1f:52:8f:6e:e4:51:84:68:52:8f:cd:6d:57:43:f8:4c:
18:67:76:82:bb:bb:87:89:32:f3:49:fa:01:d0:91:9b:0a:74:
a8:a4:a9:e4:4d:b2:42:83:4b:a2:49:ae:ba:a8:6e:48:f9:a9:
2f:cd:d7:0f:f4:51:b2:37:24:a4:2c:00:29:30:ab:9e:4e:42:
68:2c:44:46:b1:34:69:f4:05:ed:d0:28:69:bb:d6:4b:c3:a5:
63:4e:d2:67:5b:d6:66:88:2f:0c:62:74:3f:76:6f:2a:f4:57:
03:25:43:71:12:3d:e3:c8:d9:40:20:51:bb:ee:91:50:b0:db:
c1:81:f6:df:e0:e9:bf:a9:5c:9b:04:fe:0f:d3:2e:41:28:a5:
28:b8:e2:99:84:8e:91:cd:e0:76:54:ab:68:aa:aa:1c:4e:d1:
70:81:f9:b9
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgISAZQlj5UWfugCEtXHpEHDMDgbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNGZiMDYxYTk0MjZlNGZiMjg4NWQ4MjI4Njc1NzJhMWI1
OGE0YzAwHhcNMjUwMTAyMDU0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjQzMzRiOGEyYzA3NWMxMjRkYTgwZGJjNjNjNjNiMzYxM2NlY2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0lo9nM04b3Bk4mWpbmM6/mVgSXUe
R9lPVPHXPZN95PXFzQHYO7dPc8HUbs/45/5BILAJmJgutusW7uYiLFrFYOmivQWU
/gVCE5QxBRaOe2AQ9hVwZkTDoa1bXsyFLtQa70sn3/4pjS+xENM/nvIHFaOgGJBo
dfsot+0IRA+nnBi1NLT9pn/gL07J8eV9iVRjbzPZGhSFb8mD+yYEUnHUgVxtfg44
TW44pvJTgI2GZ+nQfKLoxw/vL4AjeW35/6b9/21QqpxjyRlA4Wltnhwsy5/FUKWv
j7Tcp19l6s82bnJOzR/q8nvHeeITJ+WDPhVPS6T9uBhsrBuAroyFEDp+/QIDAQAB
o4ICfDCCAngwHQYDVR0OBBYEFCJDNLiiwHXBJNqA28Y8Y7NhPOytMB8GA1UdIwQY
MBaAFOxPsGGpQm5PsohdgihnVyobWKTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0Utd1lhbENiay15aUYyQ0tHZFhLaHRZcE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi83YmMzYWItZDliNi00YWU0LWJjZDEt
Y2U1NzE1MDY5NWE5LzEvSWtNMHVLTEFkY0VrMm9EYnhqeGpzMkU4N0swLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi83YmMzYWItZDliNi00YWU0LWJjZDEtY2U1NzE1MDY5NWE5
LzEvN0Utd1lhbENiay15aUYyQ0tHZFhLaHRZcE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGRBggrBgEFBQcBBwEB/wSBgTB/MEQEAgABMD4DBAIFttAD
BAItDuAwDAMEAC1XKQMEAi1XKAMEAD5ERwMEAFvi4wMEAFvmMQMEAJIT+AMEArng
gAMEArn0JDA3BAIAAjAxAwUDKg0kAAMFAyoNJ4ADBQMqDhbAAwUDKg4XQAMFAyoO
IAADBQMqEbJAAwUDKhKowDANBgkqhkiG9w0BAQsFAAOCAQEAbhEcSsCvFftEJknV
haRCcDgvy2MRPyp3scm4yGrop4T8Rdv1sl/3+MEIPv2ISsRkIvHOYL0XKyKJu8NR
Vca20Ns94YBYKuRKKeEM8Z68OoHjOXXYgBfsT3OCIC4fUo9u5FGEaFKPzW1XQ/hM
GGd2gru7h4ky80n6AdCRmwp0qKSp5E2yQoNLokmuuqhuSPmpL83XD/RRsjckpCwA
KTCrnk5CaCxERrE0afQF7dAoabvWS8OlY07SZ1vWZogvDGJ0P3ZvKvRXAyVDcRI9
48jZQCBRu+6RULDbwYH23+Dpv6lcmwT+D9MuQSilKLjimYSOkc3gdlSraKqqHE7R
cIH5uQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:40:39 2025 by rpki-client